| 主权项 |
1. A method comprising:
intercepting, by a processing device executing a first application, a method call of a log message originating from a second application at runtime, the log message containing information to be stored in a log data, the method call being derived from application source code of the second application; determining whether the log message is a simple message or a composite message, wherein a composite message contains a plurality of objects; when the message is a simple message, identifying, after intercepting the method call, sensitive information in the log message without tagging the sensitive information as sensitive, the identifying comprising:
finding in the log message a set of data comprising a format that matches a sensitive data pattern,validating the found set of data to eliminate false positives, anddetermining that the found set of data does not contain data in a format that matches any of a plurality of exceptional case data patterns; when the message is a composite message, performing a recursive algorithm to examine each of the objects of the composite message, wherein the performing comprises:
determining whether the object contains a set of data comprising a format that matches a sensitive data pattern,when the set of data is determined to comprise the format that matches a sensitive data pattern, validating the determined set of data to eliminate false positives, anddetermining that the set of data does not contain data in a format that matches any of a plurality of exceptional case data patterns; modifying the log message to protect the sensitive information; and causing the modified log message to be logged in the log data. |
